[16865] in cryptography@c2.net mail archive
Re: A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)
daemon@ATHENA.MIT.EDU (SK)
Wed Feb 9 14:04:34 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Wed, 9 Feb 2005 19:40:14 +0100
From: SK <sk.list@gmail.com>
Reply-To: SK <sk.list@gmail.com>
To: Amir Herzberg <herzbea@macs.biu.ac.il>
Cc: cryptography@metzdowd.com
In-Reply-To: <420A4B50.4010203@cs.biu.ac.il>
How can Trustbar help me if the site in question is not even SSL
based. Homograph based attacks are imo a different class of its own.
SK
On Wed, 09 Feb 2005 19:41:36 +0200, Amir Herzberg
<herzbea@macs.biu.ac.il> wrote:
> Want to see a simple, working method to spoof sites, fooling
> Mozilla/FireFox/... , even with an SSL certificate and `lock`?
>
> http://www.shmoo.com/idn/
>
> See also:
>
> http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=3866526512
>
> Want to protect your Mozilla/FireFox from such attacks? Install our
> TrustBar: http://TrustBar.Mozdev.org
> (this was the first time that I had a real reason to click the `I don't
> trust this authority` button...)
>
> Opinions?
>
> Best, Amir Herzberg
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
